LVS+piranha(多实例配置)
一、负载均衡器端1.安装(MASTER、BACKUP)
A、wget http://mirrors.163.com/.help/CentOS6-Base-163.repo -O /etc/yum.repos.d/CentOS-Base.repo
B、yum makecache
C、yum -y update
D、yum -y install ipvsadm modcluster piranha system-config-cluster php54 php54-cli php54-common
2.撰写配置文件
vi /etc/sysconfig/ha/lvs.cf
serial_no = 28
primary = 10.10.10.100
primary_private = 172.28.29.100
service = lvs
backup_active = 1
backup = 10.10.10.200
backup_private = 172.28.29.200
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = direct
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual web_http {
active = 1
address = 10.10.10.250 eth0:1
vip_nmask = 255.255.255.0
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wrr
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server web_realserver1 {
address = 10.10.10.101
active = 1
port = 80
weight = 1
}
serverweb_realserver2 {
address = 10.10.10.102
active = 1
port = 80
weight = 1
}
serverweb_realserver3 {
address = 10.10.10.103
active = 1
port = 80
weight = 1
}
serverweb_realserver4 {
address = 10.10.10.104
active = 1
port = 80
weight = 1
}
}
virtual bbs_http {
active = 1
address = 172.28.29.250 eth1:1
vip_nmask = 255.255.255.0
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wrr
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
serverbbs_realserver1 {
address = 172.28.29.101
active = 1
port = 80
weight = 1
}
serverbbs_realserver2 {
address = 172.28.29.102
active = 1
port = 80
weight = 1
}
serverbbs_realserver3 {
address = 172.28.29.103
active = 1
port = 80
weight = 1
}
serverbbs_realserver4 {
address = 172.28.29.104
active = 1
port = 80
weight = 1
}
}
3.启动LVS集群(先master后backup)
/etc/init.d/pulse start
二、后端的realserver端
1.撰写脚本
vi /etc/init.d/lvs_realserver
#!/bin/bash
#description: LVS realsever
. /etc/rc.d/init.d/functions
WEB_VIP="10.10.10.250 172.28.29.250"
start(){
num=0
echo -ne 'Start LVS of RealServer'
for loop in $WEB_VIP
do
ifconfig lo:$num $loop netmask 255.255.255.255 up
# /sbin/route add -host $loop dev lo:$num
num=$
done
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
echo " OK"
}
stop(){
echo -ne 'Stop LVS of RealServer'
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
num=0
for loop in $WEB_VIP
do
/sbin/ifconfig lo:$num down
# /sbin/route del -host $loop
num=$
done
echo " OK"
}
restart(){
stop
start
}
case $1 in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
/sbin/ip add
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
2.添加执行权限
chmod +x /etc/init.d/lvs_realserver
3.启动脚本
sh /etc/init.d/lvs_realserver start
三、防火墙配置
vi /etc/sysconfig/iptables
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
:RH-Firewall-1-INPUT -
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A INPUT -s 10.10.10.0/24 -d 224.0.0.0/8 -i eth0 -j ACCEPT
-A INPUT -s 172.28.29.0/24 -d 224.0.0.0/8 -i eth1 -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -s 172.28.29.0/255.255.255.0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -s 10.10.10.0/255.255.255.0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
四、看一下运行情况
# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP10.10.10.250:http wrr
-> 10.10.10.101:http Local 1 115 448
-> 10.10.10.102:http Route 1 137 452
-> 10.10.10.103:http Route 1 111 454
-> 10.10.10.104:http Route 1 141 440
TCP172.28.29.250:http wrr
-> 172.28.29.101:http Local 1 84 145
-> 172.28.29.102:http Route 1 77 147
-> 172.28.29.103:http Route 1 83 152
-> 172.28.29.104:http Route 1 71 160
页:
[1]